Underscore Character Treatment In Default FTK DtSearch Settings : Support Portal

Underscore Character Treatment In Default FTK DtSearch Settings Print

Modified on: Sun, Sep 26, 2021 at 9:56 AM

Question:

Regarding the underscore ( _ ) character, I can see words/strings that contain an underscore, however I am not receiving search results that include those examples. Why is that?

Answer:

Default dtSearch settings in Accessdata FTK have the underscore character defined as a "letter". This means that the underscore character is indexed as a literal character, rather than treated as a word-breaker.

Thus, for an FTK case using default dtSearch settings, to find a string that contains an underscore, one must include the underscore in the query.

E.g. For a string like "older_version_documentation" to be returned as a search hit, one would need to search like below:

older_version_documentation

older*

older_*

older_version*

This also means that searching for any of the following would not return "older_version_documentation" as a search hit:

older

version

documentation

older w/1 version

Note: One can change this default treatment of the underscore character during case creation.

E.g. remove the underscore from the "letters" section and add it to the "hyphen" or "space" section.

Applies To

AD Enterprise

AD Lab

FTK

Contributors: Bryan Gorczyk, Tom Angle

Did you find it helpful? Yes No

Underscore Character Treatment In Default FTK DtSearch Settings Print

Related Articles